Documentation ¶
Overview ¶
Package oci implements a Launcher that will configure and launch a container with an OCI runtime. It also provides implementations of OCI state transitions that can be called directly, Create/Start/Kill etc.
Package oci implements a Launcher that will configure and launch a container with an OCI runtime. It also provides implementations of OCI state transitions that can be called directly, Create/Start/Kill etc.
Index ¶
- Constants
- Variables
- func Attach(containerID string) error
- func Create(containerID, bundlePath string, systemdCgroups bool) error
- func CrunNestCgroup() error
- func Delete(ctx context.Context, containerID string, systemdCgroups bool) error
- func Exec(containerID string, cmdArgs []string, systemdCgroups bool) error
- func Kill(containerID string, killSignal string) error
- func Pause(containerID string, systemdCgroups bool) error
- func Resume(containerID string, systemdCgroups bool) error
- func Run(ctx context.Context, containerID, bundlePath, pidFile string, ...) error
- func Runtime() (path string, err error)
- func Start(containerID string, systemdCgroups bool) error
- func State(containerID string, systemdCgroups bool) error
- func Update(containerID, cgFile string, systemdCgroups bool) error
- func WrapWithOverlays(ctx context.Context, f func() error, bundleDir string, overlayPaths []string, ...) error
- func WrapWithWritableTmpFs(ctx context.Context, f func() error, bundleDir string, allowSetuid bool) error
- type Launcher
Constants ¶
const ( AttachPipeStdin = 1 AttachPipeStdout = 2 AttachPipeStderr = 3 )
Sync with stdpipe_t in conmon.c
Variables ¶
var ( ErrUnsupportedOption = errors.New("not supported by OCI launcher") ErrNotImplemented = errors.New("not implemented by OCI launcher") )
var ErrDetach = errors.New("detached from container")
Functions ¶
func CrunNestCgroup ¶
func CrunNestCgroup() error
crunNestCgroup will check whether we are using crun, and enter a cgroup if running as a non-root user under cgroups v2, with systemd. This is required to satisfy a common user-owned ancestor cgroup requirement on e.g. bare ssh logins. See: https://github.com/sylabs/singularity/issues/1538
func WrapWithOverlays ¶
func WrapWithOverlays(ctx context.Context, f func() error, bundleDir string, overlayPaths []string, allowSetuid bool) error
WrapWithOverlays runs a function wrapped with prep / cleanup steps for the overlays specified in overlayPaths. If there is no user-provided writable overlay, it adds an ephemeral overlay which is always writable so that the launcher and runtime are able to add content to the container. Whether it is writable from inside the container is controlled by the runtime config.
func WrapWithWritableTmpFs ¶
func WrapWithWritableTmpFs(ctx context.Context, f func() error, bundleDir string, allowSetuid bool) error
WrapWithWritableTmpFs runs a function wrapped with prep / cleanup steps for a tmpfs. This tmpfs is always writable so that the launcher and runtime are able to add content to the container. Whether it is writable from inside the container is controlled by the runtime config.
Types ¶
type Launcher ¶
type Launcher struct {
// contains filtered or unexported fields
}
Launcher will holds configuration for, and will launch a container using an OCI runtime.
func NewLauncher ¶
NewLauncher returns a oci.Launcher with an initial configuration set by opts.